Proxmox Time Sync

Syncing time is essential on Proxmox servers, especially in a cluster — time drift can cause serious issues with quorum, backups, and HA.

Here’s how to ensure accurate time sync on your Proxmox nodes:


✅ Recommended Method: Use systemd-timesyncd (built-in on Debian)

🔧 1. Enable and start time sync:

sudo timedatectl set-ntp true

Verify:

timedatectl status

Look for:

NTP service: active
System clock synchronized: yes

This uses systemd-timesyncd, which is light and reliable for Proxmox servers.


🧰 Alternative: Use chrony (Recommended for more control)

chrony is more robust, especially if your nodes might be offline/online often or you’re doing HA.

1. Install chrony:

sudo apt install chrony

2. Edit config (optional):

sudo nano /etc/chrony/chrony.conf

Add or edit NTP servers:

server time.google.com iburst
server 0.pool.ntp.org iburst
server 1.pool.ntp.org iburst

3. Restart and enable:

sudo systemctl enable chrony
sudo systemctl restart chrony

4. Check sync status:

chronyc tracking


🧪 Verify Time Sync on Proxmox

On each node:

timedatectl

All nodes should show:

  • NTP service: active
  • System clock synchronized: yes
  • Same or very close times

🧠 Bonus: Sync RTC (hardware clock)

To sync system time to the hardware clock:

sudo hwclock --systohc


Let me know if you’re using a cluster and want to designate one Proxmox node as an NTP server for others, or if you’d like to sync from your Pi-hole box or router!

Perfect — turning one of your Proxmox nodes into an NTP server is a great idea for local time sync, especially in a cluster or if internet access is limited.

Here’s how to do it using chrony, which is ideal for Proxmox nodes:


🧭 Overview

  • One Proxmox node will be the NTP server.
  • The others will sync from it as NTP clients.

🖥️ On the Proxmox NTP Server (e.g., pve1)

1. Install chrony if not already installed:

sudo apt update
sudo apt install chrony

2. Edit the config to allow LAN clients

sudo nano /etc/chrony/chrony.conf

Add or uncomment these lines:

# Allow LAN subnet (adjust to your LAN range)
allow 192.168.1.0/24

# Keep serving time from the local clock if no upstream source is reachable
local stratum 10

Optional: Use a known upstream NTP source for initial sync:

server time.google.com iburst
server 0.pool.ntp.org iburst

3. Restart chrony and enable it

sudo systemctl restart chrony
sudo systemctl enable chrony


🖥️ On the Proxmox Clients (e.g., pve2, pve3)

1. Install chrony:

sudo apt install chrony

2. Configure it to sync from the Proxmox NTP server:

sudo nano /etc/chrony/chrony.conf

Comment out existing server lines, and add:

server 192.168.1.10 iburst   # Replace with the IP of your Proxmox NTP server

3. Restart and enable:

sudo systemctl restart chrony
sudo systemctl enable chrony

4. Verify sync status:

chronyc sources
chronyc tracking

You should see something like:

Name/IP address             Stratum Poll Reach LastRx Last sample
===============================================================================
192.168.1.10                     10   6   377    32    -34us[ -44us] +/-  200us


🧪 Bonus: Test if the server is responding

From another node:

chronyc sources

Or:

ntpq -p 192.168.1.10


Let me know if you want to also allow the Pi-hole box or other clients on your LAN to sync from this NTP server too — it’s as easy as expanding the subnet in allow.
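An added example, not part of the original notes: a Python check that parses `chronyc tracking` output collected from each node and flags what the verification steps above look for by eye. The sample outputs are constructed and the 50 ms threshold is an assumption; the check also reports a server that has fallen back to `local stratum 10`, because its clients still list it as a valid source.

```python
import re

LOCAL_REFID = "7F7F0101"  # reference ID chronyc reports when "local" mode is the source
MAX_OFFSET = 0.05         # seconds; assumed alert threshold, tune for your cluster

# Constructed `chronyc tracking` output, trimmed to the fields used below.
SAMPLES = {
    "pve1": """\
Reference ID    : 7F7F0101 ()
Stratum         : 10
System time     : 0.000000000 seconds fast of NTP time
Leap status     : Normal
""",
    "pve2": """\
Reference ID    : C0A8010A (192.168.1.10)
Stratum         : 11
System time     : 0.000034112 seconds slow of NTP time
Leap status     : Normal
""",
    "pve3": """\
Reference ID    : 00000000 ()
Stratum         : 0
System time     : 0.000000000 seconds fast of NTP time
Leap status     : Not synchronised
""",
}


def parse_tracking(text):
    """Turn 'Key : value' lines into a dict (splits on the first colon only)."""
    fields = {}
    for line in text.splitlines():
        key, sep, value = line.partition(":")
        if sep:
            fields[key.strip()] = value.strip()
    return fields


def system_offset(fields):
    """Signed offset in seconds: negative when the system clock is slow."""
    m = re.match(r"([0-9.]+) seconds (slow|fast) of NTP time",
                 fields.get("System time", ""))
    if not m:
        return None
    value = float(m.group(1))
    return -value if m.group(2) == "slow" else value


def assess(text, max_offset=MAX_OFFSET):
    """Return a list of findings for one node; an empty list means healthy."""
    fields = parse_tracking(text)
    findings = []
    parts = fields.get("Reference ID", "").split()
    refid = parts[0] if parts else ""
    if fields.get("Leap status") == "Not synchronised":
        findings.append("not synchronised")
    if refid == LOCAL_REFID:
        findings.append("serving from local clock, no upstream source")
    offset = system_offset(fields)
    if offset is None:
        findings.append("no offset reported")
    elif abs(offset) > max_offset:
        findings.append(f"offset {offset:+.3f}s exceeds {max_offset}s")
    return findings


def cluster_report(outputs=SAMPLES):
    """Map each node name to its findings."""
    return {node: assess(text) for node, text in outputs.items()}


if __name__ == "__main__":
    for node, findings in cluster_report().items():
        print(node, "OK" if not findings else "; ".join(findings))
```

On a live node, pass in the text returned by running `chronyc tracking` instead of the constructed samples.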

Automatic Internet Failover

I have a three-node Proxmox cluster running Home Assistant, Jellyfin, file servers, PiVPN, Pi-hole for DHCP and a dozen other servers that I need to have remote access to. I have some spare Raspberry Pis and spare smart plugs. I have a T-Mobile hotspot with 30GB of monthly data before it throttles data. I have a backup UPS. I’m using a Nokia wireless router for connection to my ISP, which is AT&T. I also have a spare ASUS RT-AC68U router that has a WAN failover feature. I think it may be necessary to reset the power to recover the Proxmox servers. My servers will be unattended when I’m away. How can I make sure I don’t lose access to my home network?

To Do Regarding Following Responses

  1. Install Tailscale on RPi
  2. Setup ASUS router as access point with hotspot as secondary WAN
  3. Install smart plugs for AT&T router and Proxmox servers
  4. Install watchdog on RPi
  5. Install Pihole on RPi
  6. Install DDClient on RPi
  7. Simulate power outage
  8. Simulate ISP outage
  9. Simulate ISP failover
  10. Test hotspot for continuous operation
  11. Setup range extender

Solution

This is not a trivial solution. Using the AI responses from below, this is my implementation. My ASUS router supports dual WAN failover but my AT&T Nokia router connects to the internet. The best way to avoid double NAT is to put the AT&T router in bridge mode but that’s not available. However, it supports IP Passthrough.

To turn on IP Passthrough, the Nokia router needs to have DHCP on the ASUS router turned on. Since I use Pi-hole for DHCP, I isolated my workstation and both routers to establish this with Wi-Fi off. The T-Mobile hotspot network was not configurable and conflicted with my long-time 192.168 network, so I had to change my local network to a new 192.168 network. This was mostly trivial and tedious except for Proxmox. It broke my cluster and my Ceph shared storage. With some AI help, I repaired the broken cluster but not yet Ceph. I tethered my hotspot to the ASUS router, turned off the Nokia router and voilà, it failed over to the hotspot. With the Nokia router back on, it failed back.

What I’m really trying to do is “harden my data center”. What’s the best combination of access and duration I can have to my “smart” home while I’m away during a power outage? Once I did a U-turn in Tucumcari when my home lost power in a cold spell. Failover to a battery-backed 5G internet connection is a big asset. Maybe a Wi-Fi thermometer and camera?

To avoid Double NAT when using the ASUS RT-AC68U as a failover router with your AT&T Nokia BGW320-505, you need to put the Nokia router into IP Passthrough mode.

🔧 Steps to Set Up IP Passthrough on AT&T Nokia BGW320-505

This will make the ASUS router handle all routing and NAT, preventing conflicts.


1️⃣ Connect Your ASUS Router to the Nokia Router

  • Plug an Ethernet cable from a LAN port on the Nokia BGW320-505 into the WAN port of the ASUS RT-AC68U.

2️⃣ Enable IP Passthrough on the Nokia BGW320-505

  1. Log in to the AT&T Router
    • Open a browser and go to: http://192.168.1.254
    • Sign in (default access code is on the router label)
  2. Navigate to IP Passthrough
    • Click Firewall → IP Passthrough
  3. Set Up Passthrough Mode
    • Allocation Mode: Passthrough
    • Passthrough Mode: DHCPS-Fixed
    • Passthrough MAC Address: Select the MAC address of the ASUS router’s WAN port
  4. Save & Apply Settings
    • Reboot the Nokia router and ASUS router.

3️⃣ Configure the ASUS Router

  1. Log in to ASUS RT-AC68U (http://192.168.1.1)
  2. Set WAN to Automatic IP (DHCP)
    • Go to WAN → Internet Connection
    • Set WAN Connection Type = Automatic IP
    • Disable DHCP Query Frequency
    • Click Apply
  3. Disable ASUS’s NAT Acceleration (Optional for stability)
    • Go to LAN → Switch Control
    • Set NAT Acceleration = Disabled
    • Click Apply

4️⃣ Confirm the Setup

  • On the ASUS Router, check the WAN IP Address (it should be the same as your public IP).
  • The Nokia router will no longer perform NAT, preventing Double NAT.
  • The ASUS router will now handle failover between AT&T and T-Mobile 5G.

Now, all devices will use the ASUS router as their only gateway, preventing Double NAT! 🚀

ChatGPT Response

You have a solid setup with redundancy, but since your Proxmox servers will be unattended while you’re away, here’s a fail-safe strategy to ensure remote access and automatic recovery after a power outage or network failure.


1️⃣ Ensure Remote Access

(A) VPN Access via PiVPN

  • PiVPN is great, but if your primary ISP (AT&T) goes down or changes your external IP, you might lose access.
  • Solution: Set up a Dynamic DNS (DDNS) service like DuckDNS, No-IP, or Cloudflare to track your home IP address.
  • Alternative: Have a backup VPN (e.g., Tailscale or ZeroTier) running on a Raspberry Pi.

(B) T-Mobile Hotspot for Backup Internet

  • Use the ASUS RT-AC68U as a failover router:
    • Primary WAN: Nokia (AT&T ISP)
    • Secondary WAN: T-Mobile Hotspot (Connected via USB or Ethernet)
  • This ensures automatic failover if AT&T goes down.

2️⃣ Automatic Power Cycling for Recovery

(A) Smart Plugs for Remote Power Cycling

  • Use a smart plug (e.g., TP-Link Kasa, Tasmota, or Zigbee/Z-Wave) on:
    • Proxmox servers
    • Nokia router
    • ASUS router
  • Use a cloud-managed smart plug (like Kasa or Shelly) so you can remotely reboot devices if they become unresponsive.

(B) Raspberry Pi Watchdog for Network & Server Health

  • Set up a spare Raspberry Pi to:
    • Ping your key services (Proxmox, Pi-hole, VPN, Home Assistant).
    • If a service is down for X minutes, use a smart plug API to power cycle the Proxmox servers.
  • Example Python script for the Raspberry Pi:

    import os
    import requests
    import time

    # IPs of critical devices
    devices = {
        "Proxmox": "192.168.1.100",
        "Router": "192.168.1.1",
        "Home Assistant": "192.168.1.50"
    }

    # Smart plug API (TP-Link Kasa, Shelly, etc.)
    SMART_PLUG_URL = "http://smartplug-ip/power"

    def check_device(ip):
        return os.system(f"ping -c 3 {ip}") == 0

    while True:
        for name, ip in devices.items():
            if not check_device(ip):
                print(f"{name} is down! Restarting power...")
                requests.post(SMART_PLUG_URL, json={"state": "off"})
                time.sleep(10)
                requests.post(SMART_PLUG_URL, json={"state": "on"})
        time.sleep(300)  # Check every 5 minutes

3️⃣ Prevent Data Overages on T-Mobile Hotspot

  • Limit backups & updates to run only on AT&T.
  • Block high-bandwidth services (like Jellyfin streaming) on the failover connection.

4️⃣ Test Before Leaving

  • Simulate a power outage: Unplug everything and check if it recovers automatically.
  • Simulate an ISP outage: Disconnect AT&T to ensure failover to T-Mobile works.

Final Setup Overview

VPN Failover: PiVPN + DDNS + Tailscale/ZeroTier
Internet Failover: ASUS RT-AC68U → Primary: AT&T, Secondary: T-Mobile
Smart Power Cycling: Smart plugs controlled by a Raspberry Pi watchdog
Data Protection: Limit traffic on T-Mobile failover


Would you like help setting up any of these components in more detail? 🚀

Let’s break this down into actionable steps. I’ll guide you through each part of the setup and you can let me know if you need more details or specific instructions.


1️⃣ Set Up VPN for Remote Access

Since you already have PiVPN, you should also add a backup access method to prevent getting locked out. Here’s how:

Option A: Enable Dynamic DNS (DDNS)

  • If AT&T changes your IP address, DDNS ensures you can always reach your home network.
  • Recommended services:
    • DuckDNS (Free)
    • No-IP (Free tier available)
    • Cloudflare DDNS (If you own a domain)

Steps to set up DuckDNS:

  1. Create an account at DuckDNS.
  2. Add a new domain (e.g., yourhome.duckdns.org).
  3. Set up a Raspberry Pi or Proxmox server to update your IP:

    sudo apt update && sudo apt install cron curl -y
    echo "*/5 * * * * root curl -s 'https://www.duckdns.org/update?domains=yourhome&token=YOURTOKEN&ip='" | sudo tee /etc/cron.d/duckdns
    sudo systemctl restart cron

  4. Configure PiVPN to use DuckDNS instead of an IP.
    Update /etc/wireguard/wg0.conf: Endpoint = yourhome.duckdns.org:51820

Option B: Backup VPN with Tailscale

  • Why? If AT&T goes down, Tailscale works even on your T-Mobile failover.
  • How? Install Tailscale on a Raspberry Pi and your remote devices:

    curl -fsSL https://tailscale.com/install.sh | sh
    sudo tailscale up

  • Use Tailscale as a secondary way to access your home servers.

2️⃣ Set Up WAN Failover (AT&T → T-Mobile)

Your ASUS RT-AC68U supports dual WAN failover.
Steps to configure it:

  1. Connect AT&T router to the ASUS RT-AC68U’s WAN port.
  2. Connect the T-Mobile hotspot to a LAN port on the ASUS router (or via USB if supported).
  3. Log into ASUS Router (192.168.1.1).
  4. Go to WAN → Dual WAN and enable Failover Mode.
  5. Set Primary WAN: AT&T
    Set Secondary WAN: T-Mobile hotspot
  6. Set Failover detection mode: “Network monitoring” (Ping 8.8.8.8).
  7. Save and test by unplugging AT&T.

✅ Now, if AT&T fails, T-Mobile takes over automatically.


3️⃣ Remote Power Cycling (Smart Plugs)

Use a cloud-based smart plug (like Kasa or Shelly) to remotely restart devices if needed.

Steps to Set Up TP-Link Kasa Smart Plug:

  1. Install Kasa app and connect the smart plug to your home WiFi.
  2. Plug in critical devices:
    • Proxmox servers
    • Nokia router
    • ASUS router
  3. Use the Kasa app to power cycle remotely if a device is unresponsive.

✅ Now you can manually reset devices remotely via the app.


4️⃣ Automatic Power Cycling with a Raspberry Pi

Use a Raspberry Pi to detect offline servers and power cycle them automatically.

Steps:

  1. Install Python on the Raspberry Pi:

    sudo apt update && sudo apt install python3-pip -y
    pip3 install requests

  2. Monitor devices using this Python script:

    import os
    import requests
    import time

    # Devices to monitor
    devices = {
        "Proxmox": "192.168.1.100",
        "Home Assistant": "192.168.1.50",
        "Router": "192.168.1.1"
    }

    # Smart plug API (TP-Link Kasa, Shelly, or Tasmota)
    SMART_PLUG_URL = "http://smartplug-ip/power"

    def check_device(ip):
        return os.system(f"ping -c 3 {ip}") == 0

    while True:
        for name, ip in devices.items():
            if not check_device(ip):
                print(f"{name} is down! Restarting power...")
                requests.post(SMART_PLUG_URL, json={"state": "off"})
                time.sleep(10)
                requests.post(SMART_PLUG_URL, json={"state": "on"})
        time.sleep(300)  # Check every 5 minutes

✅ This automatically reboots Proxmox if it becomes unresponsive.


5️⃣ Limit T-Mobile Data Usage

T-Mobile has a 30GB cap before throttling, so block high-traffic services like Jellyfin.

Steps to limit data:

  1. Go to ASUS router settings (192.168.1.1).
  2. Go to Traffic Manager → Bandwidth Control.
  3. Set a bandwidth rule:
    • Allow only Home Assistant, PiVPN, and critical services on T-Mobile.
    • Block Jellyfin and non-essential traffic.

✅ This prevents unnecessary data usage on your failover connection.


6️⃣ Test Before Leaving

  1. Simulate power failure: Unplug everything and check if it restarts correctly.
  2. Simulate ISP failure: Disconnect AT&T and ensure the T-Mobile failover works.
  3. Test remote access: Ensure you can connect via PiVPN, Tailscale, and DDNS.

Final Setup Recap

VPN Failover: PiVPN (AT&T) + Tailscale (T-Mobile) + DDNS
Internet Failover: ASUS Router (AT&T → T-Mobile)
Remote Power Cycling: Smart plugs + Raspberry Pi watchdog
Data Protection: Block streaming services on T-Mobile
Pre-Trip Testing: Power & ISP failure simulation


Do you need help with any of these steps? 🚀
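An added example, not part of either response above: the decision logic for the Raspberry Pi watchdog described in both responses, written so that a device is power cycled only after several consecutive failed rounds ("down for X minutes"), never more than once per cooldown period, and never while the gateway itself is unreachable. The plug IDs, the `power_cycle` callable, the threshold and the cooldown are assumptions; the outage timelines are constructed.

```python
import subprocess
from dataclasses import dataclass

CHECK_INTERVAL = 300  # seconds between rounds, the 5-minute loop used on this page


@dataclass
class Target:
    name: str
    ip: str
    plug: str                          # hypothetical ID of the plug feeding this device
    fails: int = 0                     # consecutive failed rounds
    last_cycle: float = float("-inf")  # time of the last power cycle


def ping(ip):
    """Probe with an argument list (no shell), so the address is never parsed as a command."""
    done = subprocess.run(["ping", "-c", "3", "-W", "2", ip],
                          stdout=subprocess.DEVNULL, stderr=subprocess.DEVNULL)
    return done.returncode == 0


class Watchdog:
    def __init__(self, targets, gateway_ip, power_cycle, probe=ping,
                 threshold=3, cooldown=3600):
        self.targets = targets
        self.gateway_ip = gateway_ip
        self.power_cycle = power_cycle  # callable(plug_id); wraps whatever API your plug has
        self.probe = probe
        self.threshold = threshold      # failed rounds before acting
        self.cooldown = cooldown        # minimum seconds between cycles of one device

    def tick(self, now):
        """Run one round; return the plug IDs that were power cycled."""
        if not self.probe(self.gateway_ip):
            # The LAN path is broken, so failed pings say nothing about the servers.
            return []
        cycled = []
        for t in self.targets:
            if self.probe(t.ip):
                t.fails = 0
                continue
            t.fails += 1
            if t.fails < self.threshold or now - t.last_cycle < self.cooldown:
                continue
            self.power_cycle(t.plug)
            t.last_cycle, t.fails = now, 0
            cycled.append(t.plug)
        return cycled


def simulate(down_by_round, threshold=3, cooldown=3600):
    """Replay a constructed outage timeline: one set of unreachable IPs per round."""
    targets = [Target("Proxmox", "192.168.1.100", "plug-proxmox"),
               Target("Home Assistant", "192.168.1.50", "plug-ha")]
    dog = Watchdog(targets, "192.168.1.1", power_cycle=lambda plug: None,
                   threshold=threshold, cooldown=cooldown)
    log = []
    for i, down in enumerate(down_by_round):
        dog.probe = lambda ip, down=down: ip not in down
        log.append(dog.tick(now=i * CHECK_INTERVAL))
    return log


if __name__ == "__main__":
    PVE, GW = "192.168.1.100", "192.168.1.1"
    print(simulate([{PVE}, set(), set()]))  # one missed round: no action
    print(simulate([{PVE}] * 6))            # sustained outage: one cycle, then cooldown
    print(simulate([{GW, PVE}] * 4))        # gateway down: servers left alone
```

For real use, call `tick(time.monotonic())` every `CHECK_INTERVAL` seconds with the default `ping` probe and a `power_cycle` function written for your plug.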

How to Set Up Tailscale on Your Raspberry Pi for Remote Access

This guide will walk you through installing and configuring Tailscale on your Raspberry Pi to ensure you can securely access your home network remotely, even if your primary VPN fails.


📌 Step 1: Install Tailscale on Raspberry Pi

1️⃣ Update Your System

Before installing, update your system:

sudo apt update && sudo apt upgrade -y

2️⃣ Install Tailscale

Run the following command:

curl -fsSL https://tailscale.com/install.sh | sh

This script will automatically install the latest Tailscale package.


📌 Step 2: Start & Authenticate Tailscale

1️⃣ Start Tailscale

Enable and start the service:

sudo systemctl enable --now tailscaled

2️⃣ Authenticate Your Raspberry Pi

Run the command:

sudo tailscale up

It will provide a login link—open it in a web browser and sign in with Google, GitHub, or Microsoft.

Once authenticated, your Raspberry Pi is now part of your Tailscale network. 🎉


📌 Step 3: Access Your Home Network

  1. Get your Raspberry Pi’s Tailscale IP:

    tailscale ip -4

    Example output: 100.99.88.77
  2. Connect from anywhere by using SSH:

    ssh pi@100.99.88.77

    You can also access other devices on your network by enabling subnet routing.

📌 Step 4: Enable Subnet Routing (Access Entire Home Network)

By default, Tailscale only allows access to the Raspberry Pi. To access your entire home network, enable subnet routing:

1️⃣ Find Your Home Network Subnet

Run:

ip -4 addr show eth0

Example output:

inet 192.168.1.100/24 brd 192.168.1.255 scope global eth0

Here, 192.168.1.0/24 is your home network subnet.

2️⃣ Enable Subnet Routing

Run:

sudo tailscale up --advertise-routes=192.168.1.0/24

3️⃣ Approve the Route in Tailscale Admin Panel

  1. Go to https://login.tailscale.com/admin/machines
  2. Find your Raspberry Pi and approve the advertised route.

Now, you can access any device on your home network via Tailscale! 🔥


📌 Step 5: Ensure Tailscale Starts on Boot

Tailscale should already start automatically, but you can double-check with:

sudo systemctl enable tailscaled


📌 Step 6: (Optional) Use Tailscale Exit Node for Full Remote Access

If you want your Raspberry Pi to act as an exit node (allowing full internet access through your home network), enable it with:

sudo tailscale up --advertise-exit-node

Then approve it in the Tailscale Admin Panel.


🎯 Summary

Tailscale is installed and running
You can SSH into your Raspberry Pi from anywhere
Your entire home network is accessible remotely
Failover works even if your main ISP goes down

Would you like help testing the connection? 🚀

How to Test Your Tailscale Connection

Now that Tailscale is set up, let’s make sure everything is working properly. Follow these steps:


📌 Step 1: Check Tailscale Status

On your Raspberry Pi, run:

tailscale status

You should see output similar to this:

100.99.88.77   raspberrypi   online
100.101.102.50 laptop        online
100.102.103.20 phone         online

✅ If your Raspberry Pi appears as online, it’s connected to Tailscale.


📌 Step 2: Test SSH Access from Another Device

  1. Find your Raspberry Pi’s Tailscale IP:

    tailscale ip -4

    Example output: 100.99.88.77
  2. From another device running Tailscale, try SSH:

    ssh pi@100.99.88.77

    • If prompted, enter your Raspberry Pi password.
    • ✅ If successful, your Tailscale setup is working!

📌 Step 3: Test Access to Other Home Network Devices (If Using Subnet Routing)

If you enabled subnet routing, try pinging a local device on your home network:

ping 192.168.1.100  # Replace with a local device's IP

✅ If you get a response, subnet routing is working.


📌 Step 4: Test Connection from Outside Your Home

  1. Turn off Wi-Fi on your phone.
  2. Use mobile data and open the Tailscale app.
  3. Try SSH into your Raspberry Pi:

    ssh pi@100.99.88.77

    ✅ If successful, your Raspberry Pi is remotely accessible!

🚨 If Something Isn’t Working

  • Run this diagnostic command on the Pi: tailscale debug logs
  • Check firewall settings (make sure SSH is allowed).
  • Reboot the Pi and try again.

Let me know if you run into any issues! 🚀

Setting Up ddclient on a Raspberry Pi as a Backup for Namecheap DDNS

This guide will help you install ddclient on a Raspberry Pi, ensuring that your Namecheap domain (lynnhargrove.site) updates reliably, even if your Proxmox server goes down.


📌 Step 1: Install ddclient

1️⃣ Update your system:

sudo apt update && sudo apt upgrade -y

2️⃣ Install ddclient:

sudo apt install ddclient -y

3️⃣ Verify the installed version:

ddclient --version

You should see something like:

ddclient version 3.9.1


📌 Step 2: Configure ddclient for Namecheap

1️⃣ Open the ddclient configuration file:

sudo nano /etc/ddclient.conf

2️⃣ Replace the contents with:

# Namecheap Dynamic DNS Configuration
protocol=namecheap
use=web, web=dynamicdns.park-your-domain.com/getip
server=dynamicdns.park-your-domain.com
login=lynnhargrove.site
password='your_namecheap_ddns_password'
@  # Updates the root domain

🔹 Replace 'your_namecheap_ddns_password' with the Dynamic DNS password from Namecheap.

  • Find it under Advanced DNS settings in your Namecheap dashboard.

🔹 If you have a subdomain (e.g., home.lynnhargrove.site), change @ to home.

Save and exit: CTRL+X → Y → Enter


📌 Step 3: Enable ddclient as a Systemd Service

1️⃣ Make sure ddclient runs on boot:

sudo systemctl enable ddclient

2️⃣ Restart ddclient:

sudo systemctl restart ddclient

3️⃣ Check status:

sudo systemctl status ddclient

✅ If everything is working, you should see “active (running)”.


📌 Step 4: Verify That Your Domain Updates Correctly

1️⃣ Manually trigger an update:

sudo ddclient -force

2️⃣ Check your public IP:

curl ifconfig.me

3️⃣ Check if Namecheap updated your domain:

nslookup lynnhargrove.site

🔹 If the IP from nslookup matches ifconfig.me, your DDNS is working!


📌 Step 5: Set Up a Fallback (Optional)

If you want the Raspberry Pi only to update DDNS if your Proxmox server is offline, you can:

  • Add a cron job to check if Proxmox is reachable before running ddclient.
  • Use Tailscale or a watchdog script to automate failover.

🚀 You’re Done!

Now your Raspberry Pi will keep your lynnhargrove.site domain updated, even if your Proxmox server fails.

Let me know if you need help testing failover or setting up automation! 😊

I asked Gemini:

Can I have two wireless routers with the same SSID for automatic failover?

Yes, you can have two wireless routers with the same SSID and password for automatic failover, but it’s important to understand how this works and its limitations. The technique is commonly referred to as “roaming” or “seamless roaming.”

How It Works:

  • Same SSID and Password:
    • By configuring both routers with the exact same SSID (network name) and password, your wireless devices see them as a single network.
  • Device Decision:
    • When your device moves between the coverage areas of the two routers, it will decide which router to connect to based on signal strength and other factors.
    • Modern devices are generally quite good at this.
  • Failover:
    • If one router fails, your device should automatically connect to the other router, provided it’s within range.

Key Requirements and Considerations:

  • Same Security Settings:
    • Ensure that both routers have the same security settings (e.g., WPA2/WPA3).
  • Non-Overlapping Channels (Recommended):
    • To minimize interference, it’s best to configure the routers to use non-overlapping Wi-Fi channels.
      • For 2.4GHz, use channels 1, 6, or 11.
      • For 5GHz, choose channels that are sufficiently separated.
  • Same Network Configuration:
    • Both routers should be on the same subnet.
      • Ideally, one router should be the primary router, and the other should be configured as an access point.
      • If both routers are acting as routers, but on the same subnet, one router needs to have DHCP turned off, to avoid IP address conflicts.
  • Placement:
    • Strategically place the routers to provide overlapping coverage areas.
  • Limitations:
    • Not True Seamlessness: While your device will automatically switch, there might be a brief interruption in connectivity during the transition. This is because your device has to disconnect from one router and connect to the other.
    • Device Compatibility: Some older wireless devices might not handle roaming as smoothly as newer devices.
    • Interference: If the routers are too close together or use overlapping channels, it can lead to interference and poor performance.
    • Network Conflicts: If both devices are trying to act as routers, and both are running DHCP, network conflicts will occur.

Best Practices for Reliable Failover:

  • Use Access Point Mode:
    • Configure one router as the primary router (handling DHCP and routing) and the other as an access point. This ensures that all devices get their IP addresses from the same source.
  • Use a Mesh Wi-Fi System:
    • Mesh Wi-Fi systems are designed for seamless roaming and provide a more reliable and user-friendly experience than manually configuring two separate routers.
  • Wired Backhaul:
    • If possible, connect the routers using a wired Ethernet connection (wired backhaul). This improves performance and reliability.

In summary:

Setting up two routers with the same SSID and password can provide basic failover, but it’s essential to understand its limitations and follow best practices to minimize potential issues. Using a mesh system, or access point mode, is highly recommended for a smoother and more reliable experience.

I then asked:

I have a T-Mobile 5G router, an AT&T fiber router, an ASUS RT-AC68U router not in use, and a Pi-hole DHCP server. My wireless SSID is provided by the AT&T router. I will be away for an extended period. Is there a way to configure an automatic failover from the AT&T router to the 5G router?

Yes, you can configure an automatic failover from your AT&T fiber router to your T-Mobile 5G router, but it requires careful planning and a bit of technical work. Here’s a comprehensive approach:

Understanding the Challenge:

  • Different Networks: Your AT&T and T-Mobile routers are on separate networks with different public IP addresses and potentially different private IP ranges.
  • Automatic Switching: The primary challenge is to automatically switch your local network’s gateway and DNS settings when the AT&T connection fails.
  • Pi-hole as DHCP: Your Pi-hole acting as the DHCP server simplifies some things, but also adds a layer of complexity.

Configuration Steps:

  1. T-Mobile 5G Router Setup:
    • Configure LAN Settings:
      • Ensure the T-Mobile 5G router’s LAN IP range is different from your AT&T router’s. For example, if AT&T is 192.168.1.x, make the T-Mobile router 192.168.2.x.
      • Disable DHCP on the T-Mobile router. You’ll rely on Pi-hole for DHCP.
    • Wi-Fi Settings:
      • Set the T-Mobile router’s SSID to something different (e.g., “Bigbird-5G”) to avoid conflicts with your existing network.
      • Alternatively, you can have it broadcast the same SSID, but this adds complexity to the failover scripts.
    • Placement: Place the T-Mobile 5G router where it has a good 5G signal.
  2. Pi-hole Configuration:
    • Static IP: Ensure your Pi-hole has a static IP address on your AT&T network.
    • DHCP Range: Configure your Pi-hole’s DHCP range to match your AT&T router’s LAN subnet.
    • Gateway Setting:
      • This is the crucial part. You’ll need to create a script that modifies the Pi-hole’s DHCP gateway setting based on network availability.
  3. Failover Script (on Pi-hole):
    • Create a Script: Create a shell script on your Pi-hole that does the following:
      • Ping Test: Ping a reliable internet address (e.g., 8.8.8.8) to check if the AT&T connection is active.
      • Router Detection: If the ping fails, ping the AT&T router. If that fails too, assume the AT&T connection is down.
      • Modify Pi-hole DHCP:
        • If the AT&T connection is down, use pihole -a dhcp-gateway to change the Pi-hole’s DHCP gateway setting to the T-Mobile 5G router’s LAN IP address.
        • If the AT&T connection is up, change it back to the AT&T router’s LAN IP address.
      • Network Interface Check: Confirm the default route is using the correct interface.
    • Cron Job: Set up a cron job to run the script periodically (e.g., every minute).
  4. Asus RT-AC68U (Optional):
    • You could use the ASUS router as a wireless access point for the T-Mobile router. This would allow you to keep the same SSID.
    • This would require the ASUS router to be connected via Ethernet to the T-Mobile router.
    • The ASUS router would be set to access point mode, and the Wi-Fi settings would be configured to use the same SSID and password.

Example Script (Simplified):

#!/bin/bash

ATT_ROUTER="192.168.1.1" # Replace with your AT&T router IP
TMOBILE_ROUTER="192.168.2.1" # Replace with your T-Mobile router IP

if ping -c 1 8.8.8.8 > /dev/null; then
  # AT&T connection is up
  if ping -c 1 $ATT_ROUTER > /dev/null; then
    pihole -a dhcp-gateway $ATT_ROUTER
  fi
else
  # AT&T connection is down
  pihole -a dhcp-gateway $TMOBILE_ROUTER
fi

Important Considerations:

  • IP Conflicts: Ensure your LAN subnets don’t overlap.
  • DNS: Your Pi-hole will continue to provide DNS, but if the T-Mobile connection has DNS issues, you might need to adjust Pi-hole’s upstream DNS servers.
  • Testing: Thoroughly test the failover script to ensure it works correctly.
  • Security: If you expose your network to the internet through the T-Mobile router, ensure you have appropriate security measures in place.
  • Network speed: Be aware that the T-Mobile 5G router may have significantly different speeds than the fiber connection.
  • Power: Ensure that both routers have uninterruptible power supplies.

By following these steps, you can create a basic automatic failover system for your network.

I asked ChatGPT the same question:

I have a T-Mobile 5G router, an AT&T fiber router, an ASUS RT-AC68U router not in use, and a Pi-hole DHCP server. My wireless SSID is provided by the AT&T router. I will be away for an extended period. Is there a way to configure an automatic failover from the AT&T router to the 5G router?

Yes, you can set up automatic failover using your ASUS RT-AC68U router as a dual-WAN router with WAN failover. Here’s how:


1️⃣ Connect Your Routers

  • Primary WAN (AT&T Fiber) → Plug into the WAN port of the ASUS RT-AC68U.
  • Secondary WAN (T-Mobile 5G Router) → Plug into a LAN port of the ASUS.

2️⃣ Set Up Dual WAN on ASUS RT-AC68U

  1. Log into the ASUS router (default: 192.168.1.1).
  2. Go to WAN → Dual WAN.
  3. Enable Dual WAN.
  4. Set:
    • Primary WAN = Ethernet WAN (AT&T Fiber).
    • Secondary WAN = Ethernet WAN (T-Mobile 5G Router) or USB (if using a 5G modem).
  5. Select “Failover Mode” (auto-switches when AT&T fails).
  6. Set Ping Check:
    • Target: 8.8.8.8 (Google DNS).
    • Failover after 3-5 timeouts.
    • Failback when AT&T returns.

3️⃣ Adjust Pi-hole DHCP Settings

  • If the ASUS RT-AC68U becomes your main router, update Pi-hole DHCP to point to it as the default gateway.
  • If you want AT&T to remain the DHCP source, ensure its gateway is static so ASUS can maintain failover routing.

4️⃣ Test the Failover

  • Unplug AT&T Fiber → The ASUS should switch to the T-Mobile router within a few minutes.
  • Reconnect AT&T → It should fail back automatically.

🚀 Now, Your Network Will Stay Online Even if AT&T Fails!

Would you like to add remote monitoring to check your network while you’re away? 📡

📡 Set Up Remote Monitoring for Your Failover Network

Now that failover is configured, let’s set up remote monitoring so you can check your network status while away.


1️⃣ Option 1: Use a Dynamic DNS (DDNS) Service

Since your public IP may change, use a DDNS service like No-IP or DynDNS to access your ASUS router remotely.

Set Up DDNS on ASUS Router

  1. Log into your ASUS router (192.168.1.1).
  2. Go to WAN → DDNS.
  3. Enable DDNS Client.
  4. Select a free DDNS service (ASUS provides free ones).
  5. Register a hostname (e.g., myhome.asuscomm.com).
  6. Save settings.

✅ Now, you can access your router remotely using myhome.asuscomm.com.


2️⃣ Option 2: Enable ASUS Remote Access

ASUS routers have a VPN or Remote Web Access feature:

  1. Go to Administration → System.
  2. Enable Web Access from WAN (set a strong password!).
  3. Or, enable VPN Server to connect securely.

✅ This lets you log into your router from anywhere.


3️⃣ Option 3: Use a Remote Monitoring Tool

Check Internet Status via UptimeRobot

  1. Go to UptimeRobot (free plan available).
  2. Set up a new monitor:
    • Type: Ping Monitor
    • IP: Your home DDNS hostname (myhome.asuscomm.com)
    • Check interval: Every 5 minutes
  3. Set up email/SMS alerts if your network goes down.

✅ You’ll get alerts when your internet fails and when it’s back.


4️⃣ Option 4: Use Pi-hole + Telegram Alerts

You can use your Pi-hole to detect internet outages and send an alert via Telegram or Pushbullet:

Set Up a Simple Internet Check Script

  1. Run: nano ~/internet_check.py
  2. Add this Python script:

import os
import time

import requests

# Telegram Bot Details
TELEGRAM_BOT_TOKEN = "your_bot_token_here"
TELEGRAM_CHAT_ID = "your_chat_id_here"

# Function to check internet status
def is_internet_up():
    return os.system("ping -c 1 8.8.8.8 > /dev/null 2>&1") == 0

# Send Telegram Alert
def send_telegram_alert(status):
    message = "✅ Internet Restored!" if status else "⚠️ Internet Down!"
    url = f"https://api.telegram.org/bot{TELEGRAM_BOT_TOKEN}/sendMessage"
    try:
        requests.post(url, data={"chat_id": TELEGRAM_CHAT_ID, "text": message}, timeout=10)
    except requests.RequestException as err:
        # The request fails while the connection is down; keep the loop running
        print(f"Could not send Telegram alert: {err}")

# Check every 5 minutes
prev_status = is_internet_up()
while True:
    current_status = is_internet_up()
    if current_status != prev_status:
        send_telegram_alert(current_status)
        prev_status = current_status
    time.sleep(300)  # Wait 5 minutes

  3. Save & exit (Ctrl+X, Y, Enter).

Run the Script on Boot

  1. Run: crontab -e
  2. Add: @reboot /usr/bin/python3 /home/pi/internet_check.py &

Now, you’ll get a Telegram message when your home internet goes down!


🚀 Your Home Network is Now Monitored & Secured!

Would you like a remote reboot option if your internet goes down? 🖥️🔄

🔄 Set Up a Remote Reboot for Your Home Network

If your internet fails while you’re away, you can remotely reboot your ASUS router or Raspberry Pi to try restoring the connection.


1️⃣ Option 1: Reboot via Smart Plug (Simple & Reliable)

A Wi-Fi smart plug (like a Kasa TP-Link or Wyze plug) can power cycle your AT&T and T-Mobile routers if they lose internet.

How It Works:

  1. Plug your router into a smart plug.
  2. Enable remote access via the Kasa/Wyze app.
  3. If your network fails, toggle the smart plug OFF & ON from your phone.

Easiest failover fix without needing complex scripts!


2️⃣ Option 2: Use a Raspberry Pi to Reboot the ASUS Router

If you have your Pi-hole running on a Raspberry Pi, you can make it reboot the ASUS router automatically when internet fails.

Step 1: Set Up a Reboot Script

On your Pi-hole Raspberry Pi, run:

nano ~/router_reboot.sh

Paste this:

#!/bin/bash
ROUTER_IP="192.168.1.1"      # ASUS Router IP
ROUTER_USER="admin"          # Router Login Username
ROUTER_PASS="yourpassword"   # Router Password

# Check Internet Connection (three pings; reboot only if all of them fail)
if ! ping -c 3 8.8.8.8 > /dev/null 2>&1; then
    echo "Internet down! Rebooting router..."
    curl -u "$ROUTER_USER:$ROUTER_PASS" "http://$ROUTER_IP/reboot.asp"
fi

Save & exit (Ctrl+X, Y, Enter).

Step 2: Make the Script Executable

Run:

chmod +x ~/router_reboot.sh

Step 3: Run the Script Automatically Every 10 Minutes

Run:

crontab -e

Add this line:

*/10 * * * * /home/pi/router_reboot.sh

✅ Now, if internet fails, your Pi will automatically reboot the router.
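
The reboot script above stores the router password in the script and passes it on the curl command line, where other local users can read it from the process list. The following is an added example, not part of the original guide: the same check with the credentials in a separate netrc file that is refused unless only its owner can read it. The CRED_FILE path, the function names and the --run switch are assumptions for illustration.

```bash
#!/bin/bash
# Added example: router_reboot.sh with the password kept out of the script
# and out of the process list. CRED_FILE and the function names are
# assumptions for illustration; the reboot URL is the one used on this page.

ROUTER_IP="192.168.1.1"                        # ASUS router IP
CRED_FILE="${CRED_FILE:-$HOME/.router_netrc}"  # hypothetical path, netrc format:
#   machine 192.168.1.1 login admin password yourpassword

# Succeeds only if the file is a regular file (not a symlink), is owned by
# the current user and gives no permissions to group or others.
cred_file_is_private() {
    cf_path="$1"
    [ -f "$cf_path" ] && [ ! -L "$cf_path" ] || return 1
    cf_mode=$(stat -c '%a' "$cf_path") || return 1
    cf_owner=$(stat -c '%u' "$cf_path") || return 1
    [ "$cf_owner" = "$(id -u)" ] || return 1
    case "$cf_mode" in
        [0-7]00) return 0 ;;
        *)       return 1 ;;
    esac
}

# Three pings with a two-second wait each, as in the original check
internet_is_up() {
    ping -c 3 -W 2 "${1:-8.8.8.8}" > /dev/null 2>&1
}

# Returns 2 without contacting the router if the credentials file is unsafe
reboot_router() {
    if ! cred_file_is_private "$CRED_FILE"; then
        echo "refusing to use $CRED_FILE: must be your own regular file, mode 600" >&2
        return 2
    fi
    # --netrc-file makes curl read the login from the file instead of argv
    curl --silent --show-error --max-time 10 --netrc-file "$CRED_FILE" \
        "http://$ROUTER_IP/reboot.asp"
}

main() {
    if ! internet_is_up; then
        echo "Internet down! Rebooting router..."
        reboot_router
    fi
}

# Only act when called with --run, so the functions can be loaded and checked
if [ "${1:-}" = "--run" ]; then
    main
fi
```

Create the credentials file with chmod 600 and call the script from cron as /home/pi/router_reboot.sh --run.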


3️⃣ Option 3: Remotely SSH Into Your Pi to Reboot the Router

If you set up DDNS or a VPN earlier, you can SSH into your Pi from anywhere and run:

curl -u admin:yourpassword "http://192.168.1.1/reboot.asp"

This manually forces the ASUS router to reboot.


🚀 Now You Have Remote Control Over Your Network!

Would you like to automate switching your Pi-hole DNS when failover happens? 🌐🔁

Migrate Windows 11 to NVME

Let’s walk through migrating your Windows 11 hard drive to a new NVMe drive! I’ll break it down step-by-step.


What you’ll need:

  • Your new NVMe drive installed in your PC (or an external NVMe enclosure).
  • Cloning software (free options: Macrium Reflect, AOMEI Backupper, or EaseUS Todo Backup).
  • A backup of important data (just in case).

⚙️ Step 1: Install the NVMe drive

  • If your motherboard has an M.2 NVMe slot, install the drive.
  • If not, you can use an external NVMe enclosure connected via USB.

🧵 Step 2: Format and initialize the new drive (if needed)

  • Open Disk Management (Windows key → type diskmgmt.msc → Enter).
  • If prompted to initialize the disk, use GPT (for Windows 11, since MBR doesn’t support Secure Boot or TPM 2.0).
    • This process does NOT format the drive — it just sets it up for use.
  • Don’t create partitions — the cloning software will handle that.

🔄 Step 3: Clone your Windows 11 drive
1️⃣ Download Macrium Reflect Free (or another cloning tool).
2️⃣ Open the software and select your current Windows 11 hard drive as the source disk.
3️⃣ Select the new NVMe drive as the destination disk.
4️⃣ Make sure to copy all partitions (including EFI, Recovery, and System partitions).
5️⃣ Start the cloning process — this might take some time.


🖥️ Step 4: Set the NVMe drive as the boot drive

  1. After cloning, reboot and enter your BIOS/UEFI (usually by pressing Del or F2 during startup).
  2. Set the NVMe drive as the first boot device.
  3. Save and exit.

🧹 Step 5: Verify and clean up

  • Boot into Windows from the NVMe drive.
  • Check that everything works properly (apps, files, Windows activation).
  • If all is good, you can format your old drive to use as extra storage.

Alternative: Fresh install option
If cloning isn’t your style, you can always do a fresh install of Windows 11 on the NVMe drive, then copy your data manually — sometimes this yields better performance and avoids issues with hidden partition mismatches.


Would you like to dive into BIOS/NVMe-specific settings for faster boot times? Let me know! 🚀

Optimizing BIOS/UEFI for your new NVMe boot drive can significantly improve performance and ensure a smooth boot process. Here’s how to do it!


⚙️ Step 1: Enter BIOS/UEFI

  • Restart your computer and repeatedly press Del, F2, or the key specific to your motherboard during boot.
  • Once inside BIOS, look for Boot, Storage, or Advanced settings (menu names may vary by motherboard).

🚀 Step 2: Optimize Boot Settings for NVMe

Set NVMe as the Primary Boot Drive

  • Navigate to the Boot Order or Boot Priority section.
  • Set your NVMe drive as the first boot device.
  • Disable the old hard drive in the boot list (if necessary).

Enable UEFI Mode

  • Windows 11 requires UEFI, not Legacy BIOS (CSM).
  • Find Boot Mode or CSM (Compatibility Support Module):
    • Set Boot Mode to UEFI (disable Legacy/CSM if you see it).
    • If you installed Windows 11 in GPT mode, UEFI must be enabled.

Enable NVMe Support (if applicable)

  • Some older motherboards require NVMe support to be manually enabled in BIOS.
  • Look for NVMe Configuration or PCIe Storage Support.
  • Ensure it is set to Enabled or Auto.

⚡ Step 3: Improve NVMe Performance

Enable PCIe 3.0 or 4.0 (if applicable)

  • Locate PCIe Configuration under Advanced settings.
  • Set PCIe mode to the highest supported version (e.g., Gen 3 or Gen 4).

Enable AHCI for SSDs (instead of RAID)

  • If your BIOS has SATA Mode, set it to AHCI instead of RAID/IDE.
  • AHCI ensures better performance for SSDs.

Enable Fast Boot (Optional)

  • Some BIOS versions offer Fast Boot, which reduces boot times.
  • Enable it, but disable it temporarily if you need to access BIOS frequently.

🔄 Step 4: Save and Reboot

  • Press F10 and select Save & Exit.
  • Your system should now boot quickly from the NVMe drive.

🔥 Extra Performance Tweaks in Windows

Once booted into Windows 11:

1️⃣ Enable Write Caching

  • Open Device Manager → Expand Disk Drives → Right-click your NVMe drive → Properties → Policies.
  • Enable Write Caching for better speed.

2️⃣ Enable TRIM for SSD Longevity

  • Open Command Prompt (Admin) and run: fsutil behavior query DisableDeleteNotify
  • If it returns 0, TRIM is enabled. If 1, enable it with: fsutil behavior set DisableDeleteNotify 0

3️⃣ Disable Hibernation (Optional, if space is a concern)

  • Run: powercfg -h off in Command Prompt (Admin).
  • Saves several GB of space on the NVMe drive.

🎯 Final Check

✅ Boot speed improved?
✅ Windows 11 running smoothly?
✅ No old drives interfering?

You’re all set! 🚀 Let me know if you need deeper tuning! 😃

It sounds like your Windows 11 boot process is tied to the M.2 SATA drive, even though your Kingston SA400 SSD is your main C: drive. Here’s how to troubleshoot and fix it:


🔍 Step 1: Check Boot Order in BIOS

  1. Enter BIOS/UEFI
    • Restart your computer and press F2, Del, or Esc (depends on your motherboard).
  2. Go to Boot Priority/Boot Order
    • Make sure your Kingston SA400 SSD is set as the first boot device.
    • If your M.2 SATA drive is missing, the system might default to BIOS because it cannot find a valid boot drive.

🔎 Step 2: Check If Bootloader Is on the M.2 SATA Drive

Your bootloader (Windows Boot Manager) may have been installed on your M.2 SATA drive instead of your Kingston SSD.
To check:

  1. Plug the M.2 SATA drive back in and boot into Windows.
  2. Open Disk Management
    • Press Win + X → Click Disk Management.
  3. Identify the “System Reserved” or EFI Partition
    • Look at both drives.
    • If the EFI System Partition (ESP, ~100-500MB, FAT32) is on the M.2 SATA drive, Windows relies on it to boot.

🛠 Step 3: Repair Bootloader on Kingston SSD

If your bootloader is missing from your Kingston SSD, you’ll need to recreate it.

Option 1: Automatic Repair

  1. Boot from a Windows 11 USB Installer.
  2. Select Repair your computer → Troubleshoot → Startup Repair.
  3. Follow the on-screen instructions.

Option 2: Manually Rebuild Bootloader

If automatic repair doesn’t work:

  1. Boot from a Windows 11 USB Installer.
  2. Select Repair your computer → Troubleshoot → Command Prompt.
  3. Run these commands:

diskpart
list disk
select disk X        (Replace X with your Kingston SSD)
list partition
select partition Y   (Replace Y with the EFI partition, if it exists)
assign letter=Z
exit

  4. Now rebuild the bootloader: bcdboot C:\Windows /s Z: /f UEFI
  5. Restart the computer and remove the M.2 SATA drive.

🔄 Step 4: Try Booting Without M.2 SATA

  1. Shut down and physically remove the M.2 SATA drive.
  2. Boot into BIOS and confirm Kingston SSD is the primary boot device.
  3. Save changes and restart.

✅ Expected Result

  • If successful, your system should boot directly from Kingston SSD without the M.2 drive.
  • If it still boots to BIOS, check if your Kingston SSD is recognized in BIOS.

Let me know if this works or if you need more troubleshooting! 🚀

DHCP Failover with Pi-hole

Let’s get that Pi-hole DHCP reservation syncing set up! I’ll walk you through creating a sync script to keep the DHCP reservations (and any other Pi-hole configurations) identical between your Proxmox VM and Raspberry Pi 4. Here’s how we’ll do it!


Step 1: Set up SSH key-based authentication

To allow the Raspberry Pi to pull the DHCP config from the Proxmox VM without a password:

👉 On the Raspberry Pi 4, generate an SSH key (if you haven’t already):

ssh-keygen -t rsa -b 4096 -C "pi-hole-sync"

  • Press Enter to save it to the default location (~/.ssh/id_rsa).
  • No passphrase is needed for this.

👉 Copy the key to your Proxmox Pi-hole VM:

ssh-copy-id <username>@<proxmox_vm_ip>

  • This allows the Raspberry Pi to SSH into the Proxmox VM without a password.

Step 2: Create the sync script

👉 On the Raspberry Pi, create a script (e.g., pi-hole-sync.sh):

#!/bin/bash
set -euo pipefail   # stop at the first failed step

# Define variables
PRIMARY_PIHOLE="<proxmox_vm_ip>"
PIHOLE_CONFIG_DIR="/etc/dnsmasq.d"
LOCAL_BACKUP_DIR="/home/pi/pihole_backup"

# Create backup directory if it doesn't exist
mkdir -p "$LOCAL_BACKUP_DIR"

# Sync DHCP reservations and Pi-hole config files.
# If the pull from the primary fails, the script exits here, so the second
# rsync --delete never mirrors an empty or stale copy into the live config.
rsync -avz --delete "$PRIMARY_PIHOLE:$PIHOLE_CONFIG_DIR/" "$LOCAL_BACKUP_DIR/"
rsync -avz --delete "$LOCAL_BACKUP_DIR/" "$PIHOLE_CONFIG_DIR/"

# Restart Pi-hole to apply changes
pihole restartdns

👉 Make the script executable:

chmod +x pi-hole-sync.sh


Step 3: Schedule automatic syncing with cron

👉 Open the crontab on the Raspberry Pi:

crontab -e

👉 Add a cron job to sync every 5 minutes (or whatever interval you prefer):

*/5 * * * * /path/to/pi-hole-sync.sh


Step 4: Test the setup

👉 Run the sync script manually to confirm it works:

./pi-hole-sync.sh

👉 Check the DHCP reservations on the Raspberry Pi Pi-hole to ensure they match the Proxmox VM.


Step 5: DHCP failover

👉 Now that both Pi-hole instances have the same DHCP reservations:

  • Set the Proxmox Pi-hole as the primary DHCP server.
  • Keep the Raspberry Pi Pi-hole DHCP disabled by default.
  • Use a failover script (as mentioned before) to detect when the primary goes down and enable DHCP on the Pi dynamically.

Final result:

  • DHCP reservations stay synced automatically.
  • No more IP conflicts or lost reservations during a failover!
  • Your network stays resilient even if the Proxmox node goes down.

👉 Let me know if you’d like to add monitoring or notifications to this — we can polish this home lab setup to perfection! 🚀

Failover Script

Let’s set that up! I’ll give you a failover script that’ll:
✅ Periodically check if the primary Pi-hole VM is online.
✅ Enable DHCP on the Raspberry Pi if the primary goes down.
✅ Disable DHCP on the Raspberry Pi when the primary comes back online.


Step 1: Create the failover script

👉 On the Raspberry Pi, create a new file:

nano /home/pi/dhcp-failover.sh

👉 Add the following code:

#!/bin/bash

# Primary Pi-hole VM IP address
PRIMARY_PIHOLE_IP="<proxmox_vm_ip>"

# Check if the primary Pi-hole is online
if ping -c 3 "$PRIMARY_PIHOLE_IP" &> /dev/null; then
    echo "$(date) - Primary Pi-hole is up."
    
    # Check if DHCP is running on the Pi - if so, disable it
    if pihole-FTL dhcp-discover | grep -q "Pi-hole DHCP server: active"; then
        echo "$(date) - Disabling DHCP on the Raspberry Pi (primary is up)."
        pihole disable-dhcp
    fi
else
    echo "$(date) - Primary Pi-hole is DOWN."
    
    # Check if DHCP is running on the Pi - if not, enable it
    if ! pihole-FTL dhcp-discover | grep -q "Pi-hole DHCP server: active"; then
        echo "$(date) - Enabling DHCP on the Raspberry Pi (primary is down)."
        pihole enable-dhcp
    fi
fi

✅ This script:

  • Pings the Proxmox Pi-hole VM.
  • Enables DHCP on the Pi-hole (Raspberry Pi) if the VM is unreachable.
  • Disables DHCP on the Pi-hole (Raspberry Pi) when the VM is back online.

👉 Save and exit the file (CTRL + X → Y → Enter).


Step 2: Make the script executable

chmod +x /home/pi/dhcp-failover.sh


Step 3: Set up a cron job for periodic checking

👉 Open the crontab:

crontab -e

👉 Add this line to check every 5 minutes:

*/5 * * * * /home/pi/dhcp-failover.sh >> /var/log/dhcp-failover.log 2>&1

✅ This logs the DHCP failover status to /var/log/dhcp-failover.log.


Step 4: Test the failover

👉 Run the script manually to verify it works:

/home/pi/dhcp-failover.sh

👉 Then, simulate a failure by shutting down the Proxmox Pi-hole VM and checking if the Raspberry Pi takes over DHCP.


Final result:

  • Primary Pi-hole VM on Proxmox runs DHCP under normal conditions.
  • Secondary Pi-hole (Raspberry Pi) automatically enables DHCP if the primary goes offline.
  • DHCP is disabled again when the primary comes back online — no IP conflicts, just smooth failover!

👉 Let me know if you want to add email alerts or system monitoring to this! 🚀

Data Backup on a Budget

I have a lot of data that I’d hate to lose. Anyone with a hard drive failure really appreciates the value of having another copy of the lost data. I suppose cloud storage would be a logical place to back up data. With all my personal audio and video files, I might need as much as 10 TB of storage. That would be too expensive for me. My strategy has been to buy enough USB external hard drives to keep two copies of all my data. This has always been a manual process. I am working to automate my backup processes.

There are a couple of options when syncing two file directories. One is to simply copy all new files from the source to the target. Another is to additionally remove all the files from the target that have been removed from the source. I’ll automate the first procedure. If you accidentally remove all files from the source, the second procedure will also remove all files from the target. This option will only be used manually and very carefully.

Personal Documents

stub…

Audio, Video and Pictures

stub…

Duplicate Files

stub…

Server Backups

stub…

Rsync (ChatGPT)

I have three external USB drives: 4 TB, 5 TB, and 12 TB

You can use the following rsync command, run on fileserver1, to synchronize the /documents directory from fileserver1 to fileserver2, ensuring that extra files on fileserver2 are removed. rsync cannot copy between two remote hosts, so the source is given as a local path:

rsync -av --delete /documents/ fileserver2:/documents/

Explanation of Options:

  • -a → Archive mode (preserves permissions, timestamps, symbolic links, etc.).
  • -v → Verbose output (optional, shows progress).
  • --delete → Removes extra files on fileserver2 that are not present on fileserver1.
  • The trailing / on the source path /documents/ copies the contents of the directory rather than creating a nested /documents/documents on the target.

Additional Options (If Needed):

  • Dry run before actual execution (to preview changes): rsync -av --delete --dry-run /documents/ fileserver2:/documents/
  • Use SSH for secure transfer (if servers are remote): rsync -av --delete -e ssh /documents/ fileserver2:/documents/
  • Limit bandwidth to avoid overloading network (e.g., limit to 5MB/s): rsync -av --delete --bwlimit=5000 /documents/ fileserver2:/documents/
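
A scheduled rsync --delete has nobody watching the dry run, so an emptied or unmounted source directory is mirrored straight onto the backup. The following is an added example, not part of the original answer: a wrapper that previews the run, counts the deletions and refuses to continue above a threshold. The function names, return codes and the MAX_DELETE default are assumptions for illustration.

```bash
#!/bin/bash
# Added example: guard an unattended `rsync --delete` run.
# Function names, return codes and the MAX_DELETE default are assumptions.

RSYNC="${RSYNC:-rsync}"          # overridable so the guard can be exercised without rsync
MAX_DELETE="${MAX_DELETE:-25}"   # hypothetical threshold; set it to your normal churn

# Count deletions in `rsync --dry-run --itemize-changes` output read from stdin.
# Itemized deletions are printed as "*deleting   path".
count_deletions() {
    grep -c '^\*deleting ' || true
}

# A local source that is missing or empty usually means an unmounted drive.
source_is_populated() {
    [ -d "$1" ] && [ -n "$(ls -A "$1" 2>/dev/null)" ]
}

# guarded_sync SRC DEST
# Returns 0 on success, 4 if SRC is empty, 3 if the preview deletes too much,
# otherwise rsync's own exit status.
guarded_sync() {
    gs_src="$1"
    gs_dest="$2"
    if ! source_is_populated "$gs_src"; then
        echo "refusing to sync: $gs_src is missing or empty" >&2
        return 4
    fi
    gs_preview=$($RSYNC -a --delete --dry-run --itemize-changes "$gs_src" "$gs_dest") || return $?
    gs_count=$(printf '%s\n' "$gs_preview" | count_deletions)
    if [ "$gs_count" -gt "$MAX_DELETE" ]; then
        echo "refusing to sync: dry run would delete $gs_count items (limit $MAX_DELETE)" >&2
        return 3
    fi
    # --max-delete is rsync's own limit; it covers changes made between
    # the preview and the real run
    $RSYNC -a --delete --max-delete="$MAX_DELETE" "$gs_src" "$gs_dest"
}

# Usage: guarded_sync.sh /documents/ fileserver2:/documents/
if [ "$#" -eq 2 ]; then
    guarded_sync "$1" "$2"
fi
```

In a crontab entry, call this wrapper in place of the bare rsync command and keep the log redirection, so a refusal shows up in the log.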

You can automate the rsync synchronization using a cron job.

Step 1: Edit the Crontab

On fileserver1, open the crontab editor:

crontab -e

Step 2: Add the Rsync Command

Add the following line to schedule synchronization every day at 2 AM:

0 2 * * * rsync -av --delete /documents/ fileserver2:/documents/ >> /var/log/rsync.log 2>&1

This will:

  • Run rsync at 2:00 AM daily.
  • Log output to /var/log/rsync.log for debugging.

Step 3: Save and Exit

Save the file and exit the editor.

Step 4: Verify the Cron Job

After a day, check if the job ran:

cat /var/log/rsync.log

Would you like email notifications for failures?

Robocopy

stub…

Back up Pi-hole on a Schedule

To back up Pi-hole on a schedule, you can use its built-in configuration export tools combined with a cron job. This allows you to save the configuration and restore it if needed. Here’s how to set it up:


1. Pi-hole Configuration Backup

Pi-hole provides a pihole -a command to export and import settings.

Backup Command:

To back up Pi-hole settings, run:

pihole -a -t

This creates a tarball of Pi-hole settings in the current directory, containing:

  • DNS configuration
  • Whitelist/Blacklist
  • Static DHCP leases
  • Query logs (optional)

Restore Command:

To restore from the backup:

pihole -a -r


2. Automate Backup with a Cron Job

Step 1: Create a Backup Directory

Choose where to store the backup files (e.g., /home/pi/pihole-backups):

mkdir -p /home/pi/pihole-backups

Step 2: Write a Backup Script

Create a script to handle the backup process.

Example script: /home/pi/backup_pihole.sh

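#!/bin/bash
set -euo pipefail   # stop if any step fails
umask 077           # the archive holds Pi-hole settings; keep it owner-only

# Define backup directory
BACKUP_DIR="/home/pi/pihole-backups"
mkdir -p "$BACKUP_DIR"

# Create a timestamp
TIMESTAMP=$(date +"%Y-%m-%d_%H-%M-%S")

# Backup file path
BACKUP_FILE="$BACKUP_DIR/pihole-backup-$TIMESTAMP.tar.gz"

# pihole -a -t writes its tarball into the current directory,
# so run it inside a scratch directory
WORK_DIR=$(mktemp -d)
trap 'rm -rf "$WORK_DIR"' EXIT
cd "$WORK_DIR"

# Run Pi-hole backup
pihole -a -t > /dev/null 2>&1

# Move the tarball to the backup directory with a timestamp
mv "$WORK_DIR"/*.tar.gz "$BACKUP_FILE"

# Delete old backups (optional, e.g., keep 7 days)
find "$BACKUP_DIR" -type f -name 'pihole-backup-*.tar.gz' -mtime +7 -exec rm {} \;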

Make the script executable:

chmod +x /home/pi/backup_pihole.sh

Step 3: Add a Cron Job

Edit the crontab to schedule the script:

crontab -e

Add a line to schedule the script (e.g., daily at 2:00 AM):

0 2 * * * /home/pi/backup_pihole.sh


3. (Optional) Sync Backups to Another Location

For additional safety, copy backups to an external location (e.g., NAS, cloud storage, or another server).

Example: Use rsync to Copy Backups

Add the following line to the script:

rsync -av --delete /home/pi/pihole-backups/ user@remote-server:/backup-location/


4. Verify Backup and Restore

  1. Run the script manually to test: /home/pi/backup_pihole.sh
  2. Confirm the backup file exists in /home/pi/pihole-backups.
  3. Test restoring using: pihole -a -r

With this setup, Pi-hole backups will occur automatically, and you’ll have a reliable way to restore your configuration when needed. Let me know if you’d like help customizing the process!

Proxmox High Availability Setup (ChatGPT)

I think there’s a pretty good video here to set up high availability (HA) on my Proxmox cluster.

This is my query to ChatGPT:

How to set up ha on my three-node proxmox cluster (pve1, pve2, and pve3) for automatic failover of my pihole dhcp server on pve1.

ChatGPT response:

Setting up high availability (HA) for your Pi-hole DHCP server on a three-node Proxmox cluster (pve1, pve2, pve3) ensures automatic failover if one node goes down. Here’s how you can achieve this:

1. Prerequisites

  1. Shared Storage:
    • Ensure all Proxmox nodes have access to shared storage (e.g., NFS, Ceph, or iSCSI) for the Pi-hole VM or container.
    • Alternatively, use Proxmox replication for local storage to synchronize disks between nodes.
  2. Cluster and Quorum:
    • Your Proxmox cluster (pve1, pve2, pve3) must be fully configured with quorum enabled to manage HA resources. Check with: pvecm status
  3. Pi-hole Setup:
    • Install Pi-hole as a VM or LXC container on pve1.
    • Configure Pi-hole’s DHCP and DNS settings.
  4. HA Configuration Package:
    • Ensure HA management tools are installed on Proxmox: apt install pve-ha-manager

2. Configure Shared Storage

If you don’t have shared storage:

  1. Set Up NFS Storage:
    • Install NFS on a NAS or a separate server.
    • Add the shared storage in Proxmox:
      • Go to Datacenter > Storage > Add > NFS.
      • Provide the NFS server details and share path.
  2. Use Local Storage Replication:
    • Enable storage replication between nodes for local storage (not real-time but effective for HA).

3. Move Pi-hole VM to Shared Storage

  1. Migrate the Pi-hole VM to shared storage: qm move_disk <vmid> <disk> <storage_name> Replace <vmid> with your Pi-hole VM ID, <disk> with the disk to move (e.g., scsi0), and <storage_name> with the shared storage ID.
  2. Confirm the disk location: qm config <vmid>

4. Enable HA for Pi-hole VM

  1. Add the VM to HA Resources:
    • In the Proxmox web interface:
      • Go to Datacenter > HA > Add > Virtual Machine.
      • Select the Pi-hole VM and configure Failover priority.
    • Or use the CLI: ha-manager add vm:<vmid>
  2. Check HA Status: ha-manager status
  3. Set VM Start Priority:
    • Go to VM > Options and set the start/shutdown order.

5. Test HA Setup

  1. Shut down pve1: shutdown -h now
  2. Verify that the Pi-hole VM automatically starts on another node (e.g., pve2 or pve3).

6. Additional Considerations

DNS Redundancy:

  • Add a secondary Pi-hole instance for DNS failover.
    • Configure it on another node (e.g., pve2).
    • Sync configurations between the two using tools like rsync or Gravity Sync.

Monitor DHCP Leases:

  • Ensure DHCP leases persist after failover.
    • Store the dnsmasq lease file on shared storage or sync it between nodes using a script.

Backup Configuration:

  • Regularly back up the Pi-hole configuration and VM:
    • Use Proxmox backup jobs to save VM snapshots.

Summary of Key Commands

  • Add HA Resource: ha-manager add vm:<vmid>
  • Check HA Status: ha-manager status
  • Migrate Disk to Shared Storage: qm move_disk <vmid> <disk> <storage_name>

Let me know if you’d like assistance with any specific part of this process!

Samba Setup (ChatGPT)

This is a copy and paste from ChatGPT (https://chatgpt.com/share/677bd14a-ef84-8002-93fc-b3456d8a9df8). The formatting and loss of copy buttons is a problem.

Setting up a file server on Ubuntu using an external USB drive is a straightforward process. Here’s a step-by-step guide:


1. Prepare Your USB Drive

  1. Plug in the USB Drive: Connect the external USB drive to your Ubuntu machine.
  2. Identify the Drive: Open a terminal and run:

lsblk

     Find the USB drive in the list. It will likely be named something like /dev/sdX (e.g., /dev/sdb1).
  3. Format the Drive (if needed): If the USB drive isn’t already formatted, format it with a suitable file system (e.g., ext4 for Linux systems):

sudo mkfs.ext4 /dev/sdX1

     Replace /dev/sdX1 with your USB drive’s identifier.
  4. Create a Mount Point:

sudo mkdir /mnt/usb

  5. Mount the Drive:

sudo mount /dev/sdX1 /mnt/usb

     Add the drive to /etc/fstab for automatic mounting:

echo "/dev/sdX1 /mnt/usb ext4 defaults 0 0" | sudo tee -a /etc/fstab

2. Install and Configure Samba (File Sharing for Windows/Linux)

  1. Install Samba:

sudo apt update
sudo apt install samba -y

  2. Configure Samba: Open the Samba configuration file:

sudo nano /etc/samba/smb.conf

     Add a shared folder configuration at the end:

[USB_Share]
path = /mnt/usb
read only = no
browsable = yes
writable = yes
guest ok = no
valid users = your_username

  3. Set Samba User: Add your user to Samba:

sudo smbpasswd -a your_username

  4. Restart Samba Service:

sudo systemctl restart smbd

3. Configure Permissions

Ensure your user has ownership of the USB mount point:

sudo chown -R your_username:your_username /mnt/usb

4. Access the File Server

  • From Linux: Use the smb:// protocol in your file manager.
  • From Windows:
    • Open the File Explorer.
    • Type \\<Ubuntu_IP_Address>\USB_Share in the address bar.
    • Enter your Samba username and password.

Optional: Install and Configure NFS (for Linux Sharing)

If you prefer NFS for Linux clients:

  1. Install the NFS server:

sudo apt install nfs-kernel-server -y

  2. Edit the export file:

sudo nano /etc/exports

     Add:

/mnt/usb *(rw,sync,no_subtree_check)

  3. Restart the NFS service:

sudo systemctl restart nfs-kernel-server

VPN Redux

Goodbye CGNAT! I limped along for over a year with T-Mobile 5G Home Internet for a miserly $30 per month. However, my downloads dropped from double-digit Mbps to single-digits and I cried uncle. I’m in a T-Mobile fringe area for LTE/5G signal and probably in an area with insufficient capacity for Home Internet. I’ve stepped up to AT&T fiber. As important to me, the change from Commercial Grade NAT to standard NAT means I’ll be able to use Dynamic DNS to use my personal domain name to point to my home network. For the uninitiated, your CGNAT IP address changes so frequently that DDNS is useless. This means I can now set up a VPN tunnel into my network for remote control and file sharing. Woohoo!

To use DDNS with NameCheap, go to domain management, Dynamic DNS and create an A + Dynamic DNS Record with host @ and your IP address, then save. This NameCheap section has the secret password needed for the DDNS client like ddclient for Linux.

WireGuard seems to be the go-to VPN server and I installed it on a Proxmox VM using PiVPN. I’m convinced this is the simplest way to set up and manage a VPN. I found excellent WireGuard links on Mike Royal’s GitHub page. Even better is a video from Crosstalk Solutions which adds how to add access to your local network. Next I created a port forwarding entry on my router pointing my WireGuard port to my WireGuard server. Next up is to install the app on my notebook computer to see if it works.

Update 12/30/24

I installed ddclient on my file server and it keeps the IP address for lynnhargrove.site up to date. I also had a “duh” moment regarding IP reservations on my home network. I ran out of IP reservations on the AT&T router and struggled with servers changing addresses. Pi-hole has a very nice DHCP server that I switched to. I had to edit the dhcp.conf to add a secondary DNS server in case Pi-hole is down. Unfortunately, it reverts to the original dhcp.conf when changes are made to Pi-hole. I originally installed Pi-hole for quicker DNS resolution, but I hadn’t used it to blacklist any websites. I used Steven Black’s unified list of porn, gambling, fake news and social hosts for my blacklist.

Aqara Cube

Update: I’m not getting any Home Assistant response from the Magic Cube so I’ll try to revive it with this video.

I read an article about the Aqara Cube T1 Pro and had to have one. It can trigger home automation tasks in 28 different ways such as shaking it or flipping it until a particular number is on top. Cool. I grabbed one from Amazon for $23.

Then I wondered how to make it work. It’s a Zigbee device that requires an Aqara $30-$50 hub which I don’t have. The bloggers seem to like the Sonoff Zigbee 3.0 USB Dongle (CC2652P + CP2102N) that can be flashed with improvements for $21.

Since I’m trying to migrate from SmartThings/ActionTiles to Home Assistant, I plugged the dongle into my Home Assistant server. It was discovered immediately as a Zigbee Home Automation integration. I opened the integration, selected devices then “+” to add device. I put the Cube in pairing mode and it was discovered. Selected the new device and was presented with the page to add a new Automation. I chose the “Device Shaken” trigger and “Toggle Den Lamp 1” as the action. It worked.

I solved one other problem along the way. I have several TreatLife (Tuya) WiFi Smart Light Bulbs that I added using the TreatLife app. I also have three other Smart (Tuya) devices that I added using the Smart Life app. The Smart Life devices are discovered by Home Assistant as Tuya devices but not the TreatLife devices. The TreatLife Light Bulbs can now be discovered by the Smart Life app. Once done, they are also discovered by Home Assistant.